Microsoft Fixes Exchange Server Zero-Days Exploited in Active Attacks

[TechWeb]( Follow Dark Reading: [RSS]( March 03, 2021 LATEST SECURITY NEWS & COMMENTARY [Microsoft Fixes Exchange Server Zero-Days Exploited in Active Attacks]( Microsoft fixes multiple Exchange Server vulnerabilities being weaponized in attacks from a group it believes operates out of China. [Attacker Expands Use of Malicious SEO Techniques to Distribute Malware]( The operators of REvil and Gootkit have begun using a tried and tested technique to distribute additional malware, Sophos says. [Microsoft Ignite Brings Security & Compliance Updates]( Microsoft announces support for data loss prevention in Google Chrome, co-authoring of protected files, and more at Ignite 2021. ['ObliqueRAT' Now Hides Behind Images on Compromised Websites]( 'Transparent Tribe' has switched its tactics for distributing the remote access Trojan, researchers found. [Policy Group Calls for Public-Private Cyber-Defense Program]( The proposed National Cyber Response Network would link federal agencies, companies, and local governments, allowing collaboration during a cyberattack. [4 Ways Health Centers Can Stop the Spread of Cyberattacks]( Health centers must shift the perception of cyberattacks from potential risk to real threat in order to take the first step toward a safer, healthier security posture. [Why Cloud Security Risks Have Shifted to Identities and Entitlements]( Traditional security tools focus on the network perimeter, leaving user and service accounts vulnerable to hackers. [Google Partners With Insurers to Create Risk Protection Program]( Google Cloud, Allianz, and Munich Re teamed up to build a program that aims to reduce risk and potentially cut costs for customers. [Thycotic and Centrify to Merge In $1.4B Deal]( TPG Capital will combine privileged access management providers into one company. [MORE NEWS & COMMENTARY]( HOT TOPICS [Cybercrime 'Help Wanted': Job Hunting on the Dark Web]( How's your 'Probiv'? How about customer service? Here's how Dark Web forums connect cybercriminals looking for talent with those looking for work -- and which skills are hot right now. [North Korea's Lazarus Group Expands to Stealing Defense Secrets]( Several gigabytes of sensitive data stolen from one restricted network, with organizations in more than 12 countries impacted, Kaspersky says. [Ransomware, Phishing Will Remain Primary Risks in 2021]( Attackers have doubled down on ransomware and phishing -- with some tweaks -- while deepfakes and disinformation will become more major threats in the future, according to a trio of threat reports. [MORE]( EDITORS' CHOICE [8 Ways Ransomware Operators Target Your Network]( Security researchers explore how criminals are expanding their arsenals with new, more subtle, and more effective ransomware attack techniques. [Building a Next-Generation SOC Starts With Holistic Operations]( The proper template for a modernized SOC team is one that operates seamlessly across domains with a singular, end-to-end view. LATEST FROM THE EDGE [Name That Edge Toon: In Hot Water]( Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card. Tech Resources - [Why Add Security to Your Skill Set and How to Do It]( - [Improving Security by Moving Beyond VPN]( - [Accelerate Threat Resolutions with DNS]( - [MontanaPBS Shifts to Agile Broadcasting with Help from Raritan KVM Solutions]( - [Key Strategies for Managing New Risks in Cybersecurity]( - [The Hidden Security Risks of APIs: How to Protect Your Brand, Business, and Data]( - [451 Cloud Confidence Report]( [ACCESS TECH LIBRARY NOW]( - [Key technology trends in 2021 - Making these technologies work for your business]( The focus of this webinar, taking place on March 04 at 02:00 PM Singapore Time, is to identify some of the key technology trends that will further mature and innovate in 2021, and what potential challenges these will bring to application developers and ... - [Protecting Your Enterprise's Intellectual Property]( In this webinar, you'll learn about the techniques and tactics that cybercriminals use to crack IP, and how your organization can detect and defend itself against these sophisticated, targeted attacks. [MORE WEBINARS]( FEATURED REPORTS - [Are Unprotected Cloud Databases Leaking Your Data?]( - [The State of Threat Detection and Response]( [MORE REPORTS]( CURRENT ISSUE [2021 Top Enterprise IT Trends]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [Kaspersky VPN Secure Connection Now Available on Macs with Apple Silicon]( [StorCentric Announces Nexsan Assureon Cloud Edition]( [Only 19% of Women in Tech Were Inspired to Join Profession by Female Role Model]( [Cynet Reviews the Top 6 Most Notable Cyber Attacks of 2020]( [MORE PRODUCTS & RELEASES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech 303 Second St., Suite 900 South Tower, San Francisco, CA 94107 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:customerservice_informationhub@techweb.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2021]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:customerservice_informationhub@techweb.com)